<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>修改资料</title>
<style type="text/css">
<!--
td {  font-size: 9pt}
-->
</style>
</head>
<body bgcolor="#ffffff" topmargin=0>

<?php

include 'config.php';
include_once ("sendmail.php");

function check_email_address($val)
{
	return 1;
}

function generate_activate_code()
{
	    $str = substr(md5(time()), 0, 8);
	        return $str;
}

function send_activation_email($email, $username, $code)
{
	$subject = "欢迎注册西湖网络VPN帐号";
	$content = "<p>亲爱的 $username:</p>

		<p>感谢您注册西湖网络VPN帐号!</p>

		<p>请点击下面的链接激活您的帐号：</p>
		<a href=\"http://www.thewestlake.net/activate.php?userid=$username&code=$code\">http://www.thewestlake.net/activate.php?userid=$username&code=$code</a>

		<p><p>
		<p> &nbsp; 2015 &copy; <a href=\"http://www.thewestlake.net/\">西湖网络</a>
		";
	return send_email($email, $subject, $content);
}

if (isset($_POST['submit'])) {
	$email = $_POST['email'];
	$userinfo = $configValues['CONFIG_DB_TBL_DALOUSERINFO'];
	$group = "daloRADIUS-Disabled-Users";
	include ("checklogin.php");
	$username = $_SESSION['westlakeusername'];

	if ( !check_email_address($email)) {
		echo "<br/><br/>
		Invalid email	<br/>";
		exit;
	}

	include 'opendb.php';

	/* check if user already exists */
	$sql = "SELECT username, email FROM $userinfo WHERE username = '$username'";
	$res = $dbSocket->query($sql);
	if ($res->numRows() == 0){
		echo "<br/><br/>用户不存在<br/>";
		$dbSocket->disconnect();
		exit;
	}
	$row = $res->fetchRow();
	$oldemail = $row[1];
	if ($oldemail == $email){
		echo "<br/><br/>Email没有改变。<br/>";
		echo '<a href="index.php">返回主页</a>';
		$dbSocket->disconnect();
		exit;
	}

	/* check if new email already exists */
	$sql = "SELECT username FROM $userinfo WHERE email = '$email'";
	$res = $dbSocket->query($sql);
	if ($res->numRows() > 0){
		echo "<br/><br/>此邮件地址已经被人使用。<br/>";
		echo '<p><a href="index.php">返回主页</a>';
		$dbSocket->disconnect();
		exit;
	}

	/* update user information to the userinfo table */
	$currDate = date('Y-m-d H:i:s');
	$ip = $_SERVER["REMOTE_ADDR"];
	$code = generate_activate_code(); 
	$sql = "UPDATE userinfo SET email='$email', creationdate='$currDate', creationby='$ip', activationcode='$code', activated='0' WHERE username = '$username'";
	$res = $dbSocket->query($sql);

	/* adding the user to the disabled group */
	$sql = "INSERT INTO radusergroup values ('$username', '$group', '0')";
	$res = $dbSocket->query($sql);

	$dbSocket->disconnect();

	$errmsg = send_activation_email($email, $username, $code);
	if($errmsg != ""){
		echo "Oops！激活邮件没有发送成功。请报告管理员。<br/>";
		echo "错误：$errmsg<br/>";
		echo '<p><a href="index.php">返回主页</a>';
		exit;
	}

	echo "<br/><br/>激活邮件发送到 ". $email . "<br/>请检查邮件。<br/>";
	echo '<a href="index.php">返回主页</a>';

	exit;
} // if submit
else{
	echo "<br/><br/>No action.<br/>";
	exit;
}
?>
</body>

